de237777518dc9c0b7a03c536746d878[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de237777518dc9c0b7a03c536746d878.exe
Size

62KB
MD5

de237777518dc9c0b7a03c536746d878
SHA1

a357466573e35d634a119b7f2e7a8a18f5018811
SHA256

23c6e8163646ba03c0a5c6dcdf0f0df5688ec4a91c8bd9b663888440254bc12f
SHA512

40337a848a49487805dbb663313de888c967cb4392fe1c63311395a005b22633f603c8868d2bfbc05539844926072c80cd9dd4abfcb0786098e8e3e242d12067
SSDEEP

1536:2mLuy2AtwhCC3P43iyGS5lzYAfQzf/3ma9cS3:2qJzC3Ki5ylUA4zf/3mocC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de237777518dc9c0b7a03c536746d878.exe

Files

de237777518dc9c0b7a03c536746d878.exe
.exe windows:6 windows x86 arch:x86

f9e0f22dd6f41da7f3579c559466fbd0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

socket
setsockopt
send
select
gethostbyname
WSAStartup
recv
inet_addr
connect
htons
closesocket

dnsapi

DnsQuery_A
DnsFree

kernel32

GetComputerNameA
InterlockedExchange
GetTempPathA
lstrlenA
lstrcatA
lstrcpyA
GetWindowsDirectoryA
GetVolumeInformationA
SetEvent
Sleep
CreateThread
FindClose
FindFirstFileA
CloseHandle
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
CreateEventW
WaitForSingleObject
CreateMutexA
lstrcmpiA

user32

wsprintfA

advapi32

GetUserNameA

ntdll

memcpy
memcmp
_chkstk

shlwapi

StrToIntA
StrStrIA

Exports

Exports

DllEntry

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ